The fragmentation of the Android system and constant app updates create significant challenges in digital forensics. This study addresses the need to empirically verify whether upgrading forensic tools, specifically from Cellebrite Physical Analyzer (CPA) v7.62 to v7.73, provides significant decoding value that prevents the loss of critical evidence. It compares the effectiveness of both CPA versions on File System Extractions from OPPO (ColorOS) and Infinix (XOS) devices. Identical extraction images were processed by both CPA versions, and the results were analyzed quantitatively. The results show that CPA v7.73 is superior overall, finding more artifacts. The most dramatic improvement occurs on Infinix (XOS) (35.69%), with crucial discoveries such as +7,296 additional Contacts and +368 Call Logs, demonstrating that the v7.73 decoder successfully handles the unique XOS database. On OPPO devices, improvements were concentrated in communication artifacts, with +966 additional WhatsApp Messages. This study concludes that CPA v7.73 is indispensable in forensic practice, as the failure of older versions to recover core artifacts can lead to substantial loss of evidence and affect the validity of investigations.
Copyrights © 2025